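////////////////////////////////////////////////////////////////////////////////
// References:
//   http://www.leeholmes.com/blog/2010/09/24/adjusting-token-privileges-in-powershell/
//   https://support.microsoft.com/en-us/help/131065/how-to-obtain-a-handle-to-any-process-with-sedebugprivilege
////////////////////////////////////////////////////////////////////////////////
/// <summary>
/// Enables a single named privilege on the supplied access token.
/// </summary>
/// <param name="hToken">
/// Handle to the token to adjust. It is passed by reference but never
/// reassigned in this method.
/// </param>
/// <param name="privilege">Privilege name to enable, resolved with LookupPrivilegeValue.</param>
/// <remarks>
/// AdjustTokenPrivileges can only enable a privilege the token already holds;
/// it cannot grant a new one. The API reports success even when the requested
/// privilege was not assigned, so the last-error value is inspected as well.
/// The privilege is left enabled on return: previousState is captured but not
/// used to restore the earlier state, so callers that care about least
/// privilege should disable it again once it is no longer needed.
/// </remarks>
public static void SetTokenPrivilege(ref IntPtr hToken, String privilege)
{
    // Win32 ERROR_NOT_ALL_ASSIGNED: the call succeeded but the token does not
    // hold one or more of the requested privileges.
    const Int32 ErrorNotAllAssigned = 1300;

    Console.WriteLine("[*] Adjusting Token Privilege");

    // Resolve the privilege name to its LUID on the local system (null system name).
    Structs._LUID luid = new Structs._LUID();
    if (!Unmanaged.LookupPrivilegeValue(null, privilege, ref luid))
    {
        GetError("LookupPrivilegeValue");
        return;
    }
    Console.WriteLine(" [+] Recieved luid");

    // Build a one-entry TOKEN_PRIVILEGES request that marks the LUID as enabled.
    Structs._LUID_AND_ATTRIBUTES luidAndAttributes = new Structs._LUID_AND_ATTRIBUTES();
    luidAndAttributes.Luid = luid;
    luidAndAttributes.Attributes = Constants.SE_PRIVILEGE_ENABLED;

    Structs._TOKEN_PRIVILEGES newState = new Structs._TOKEN_PRIVILEGES();
    newState.PrivilegeCount = 1;
    newState.Privileges = luidAndAttributes;

    Structs._TOKEN_PRIVILEGES previousState = new Structs._TOKEN_PRIVILEGES();
    UInt32 returnLength = 0;

    Console.WriteLine(" [*] AdjustTokenPrivilege");
    Boolean adjusted = Unmanaged.AdjustTokenPrivileges(
        hToken,
        false,
        ref newState,
        (UInt32)Marshal.SizeOf(newState),
        ref previousState,
        out returnLength);

    // Read the saved last-error value before any other call can overwrite it.
    // NOTE(review): this relies on the P/Invoke declaration setting
    // SetLastError = true; the attribute is not visible here, so confirm it.
    Int32 lastError = Marshal.GetLastWin32Error();

    if (!adjusted)
    {
        GetError("AdjustTokenPrivileges");
        return;
    }

    // A true return does not prove the privilege was enabled; without this
    // check the method would report success for a privilege the token lacks.
    if (lastError == ErrorNotAllAssigned)
    {
        Console.WriteLine(" [-] Token does not hold privilege: " + privilege);
        return;
    }

    Console.WriteLine(" [+] Adjusted Token to: " + privilege);
}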
// P/Invoke declaration for the Win32 AdjustTokenPrivileges function, which
// enables or disables privileges that an access token already holds.
//
//   TokenHandle           - handle to the access token to modify.
//   DisableAllPrivileges  - when true, every privilege on the token is disabled
//                           and NewState is ignored.
//   NewState              - privileges and attributes to apply.
//   BufferLengthInBytes   - size in bytes of the PreviousState buffer.
//   PreviousState         - receives the prior state of the privileges changed.
//   ReturnLengthInBytes   - receives the size in bytes needed for PreviousState.
//
// A true return does not mean every requested privilege was adjusted: the
// function also succeeds when the token lacks a requested privilege, and then
// sets the last error to ERROR_NOT_ALL_ASSIGNED. Callers should check the
// last-error value after a successful call.
//
// NOTE(review): the [DllImport] attribute is not visible in this excerpt;
// confirm it targets advapi32.dll and sets SetLastError = true so the
// last-error value is preserved for callers.
// NOTE(review): PreviousState is marshalled as one fixed-size struct, so it
// presumably has room for a single privilege entry; verify against
// Structs._TOKEN_PRIVILEGES.
internal static extern Boolean AdjustTokenPrivileges( IntPtr TokenHandle, Boolean DisableAllPrivileges, ref Structs._TOKEN_PRIVILEGES NewState, UInt32 BufferLengthInBytes, ref Structs._TOKEN_PRIVILEGES PreviousState, out UInt32 ReturnLengthInBytes );